Replace userfastboot with efi-fastboot

o Minnowboard flash now uses fastboot-over-tcp implementation
  in kernelflinger.
o Userfastboot is removed.
o Add fastboot option in kernelflinger manifest for
  boot option in UEFI BIOS at OS flash time.

BUG=none
Change-Id: Ib4a3d108c76e6e6a89b555ef62eeb90afed85ae5
Tracked-On: https://jira01.devtools.intel.com/browse/BP-267
Signed-off-by: Viorel Suman <viorel.suman@intel.com>
Signed-off-by: Bruce Beare <bruce.j.beare@intel.com>

11 files changed, 14 insertions, 106 deletions

diff --git a/BoardConfig.mk b/BoardConfig.mk
index 50b61da..dd5ee8c 100644
--- a/BoardConfig.mk
+++ b/BoardConfig.mk
@@ -44,17 +44,9 @@ PLATFORM_SENSOR_LIST += MPU9150Accelerometer
 PLATFORM_SENSOR_LIST += MMA7660Accelerometer
 PLATFORM_SENSOR_LIST += LSM303dAccelerometer
 
-
 TARGET_BOOTLOADER_BOARD_NAME := $(TARGET_DEVICE)
 
 #
-# USERFASTBOOT Configuration
-#
-TARGET_STAGE_USERFASTBOOT := true
-TARGET_USE_USERFASTBOOT := true
-USERFASTBOOT_NO_GUI := true
-
-#
 # KERNELFLINGER Configuration
 #
 TARGET_UEFI_ARCH := x86_64
@@ -69,8 +61,6 @@ KERNELFLINGER_GEN_GRAPHICS := false
 PRODUCT_SYSTEM_VERITY_PARTITION := /dev/block/by-name/system
 
 BOOTLOADER_USE_PREBUILT := $(shell echo $${BOOTLOADER_USE_PREBUILT:-true})
-BOOTLOADER_ADDITIONAL_DEPS += $(PRODUCT_OUT)/fastboot.img
-BOOTLOADER_ADDITIONAL_ARGS += --fastboot $(PRODUCT_OUT)/fastboot.img
 
 # Note: We use := here to force the policy directory to be added
 # on the first pass for make and to thus get around a build system bug.
@@ -80,15 +70,19 @@ vendor_partition_directory := vendor/bsp/intel/minnowboard
 
 PRODUCT_COPY_FILES += \
     device/intel/minnowboard/flash_tools/brillo-flashall.sh:provision-device \
-    device/intel/minnowboard/fstab:root/fstab.$(TARGET_DEVICE) \
-    $(vendor_partition_directory)/boot_binaries/gpt.ini:gpt.ini \
+    device/intel/minnowboard/fstab:root/fstab.$(TARGET_DEVICE)
+
+ifeq ($(BOOTLOADER_USE_PREBUILT),false)
+PRODUCT_COPY_FILES += \
+    $(vendor_partition_directory)/boot_binaries/gpt.bin:gpt.bin \
     $(vendor_partition_directory)/boot_binaries/oemvars.txt:oemvars.txt
+endif
 
 BRILLO_VENDOR_PARTITIONS := \
     $(vendor_partition_directory)/boot_binaries:bootloader \
     $(vendor_partition_directory)/boot_binaries:fastboot-usb.img \
     $(vendor_partition_directory)/boot_binaries:oemvars.txt \
-    $(vendor_partition_directory)/boot_binaries:gpt.ini \
+    $(vendor_partition_directory)/boot_binaries:gpt.bin \
     $(vendor_partition_directory)/boot_binaries:README
 
 # Must defined at the end of the file
diff --git a/bootloader.mk b/bootloader.mk
index 3ad8d28..8c96a2f 100644
--- a/bootloader.mk
+++ b/bootloader.mk
@@ -40,7 +40,6 @@ endif
 kernelflinger := $(PRODUCT_OUT)/efi/kernelflinger.efi
 
 BOARD_FIRST_STAGE_LOADER := $(kernelflinger)
-USERFASTBOOT_2NDBOOTLOADER :=
 
 intermediates := $(call intermediates-dir-for,PACKAGING,bootloader_zip)
 bootloader_zip := $(intermediates)/bootloader.zip
@@ -56,7 +55,8 @@ $(bootloader_zip): \
 	$(hide) mkdir -p $(efi_root)/EFI/BOOT
 	$(hide) $(ACP) $(BOARD_FIRST_STAGE_LOADER) $(efi_root)/loader.efi
 	$(hide) $(ACP) $(BOARD_FIRST_STAGE_LOADER) $(efi_root)/EFI/BOOT/$(efi_default_name)
-	$(hide) echo "Brillo=\\EFI\\BOOT\\$(efi_default_name)" > $(efi_root)/manifest.txt
+	$(hide) echo "Brillo-OS=loader.efi"    > $(efi_root)/manifest.txt
+	$(hide) echo "Fastboot=loader.efi;-f" >> $(efi_root)/manifest.txt
 	$(hide) (cd $(efi_root) && zip -qry ../$(notdir $@) .)
 
 bootloader_metadata := $(intermediates)/bootloader-size.txt
@@ -106,11 +106,9 @@ $(fastboot_usb_bin): \
 # Build when 'make' is run with no args
 droidcore: $(fastboot_usb_bin)
 
-.PHONY: userfastboot-usb
-userfastboot-usb: $(fastboot_usb_bin)
+.PHONY: fastboot-usb
+fastboot-usb: $(fastboot_usb_bin)
 
 $(call dist-for-goals,droidcore,$(fastboot_usb_bin):$(TARGET_PRODUCT)-fastboot-usb-$(FILE_NAME_TAG).img)
 
-# for userfastboot, we need the userfastboot image in the bootloader partition.
-INSTALLED_RADIOIMAGE_TARGET += $(PRODUCT_OUT)/fastboot.img
 endif
diff --git a/build/tasks/flashfiles.mk b/build/tasks/flashfiles.mk
index 617cb5d..9527331 100644
--- a/build/tasks/flashfiles.mk
+++ b/build/tasks/flashfiles.mk
@@ -29,7 +29,7 @@ MINNOWBOARD_BINARIES := $(MINNOWBOARD_VENDOR)/boot_binaries
 MINNOWBOARD_DEVICE := device/intel/minnowboard
 MINNOWBOARD_TOOLS  := $(MINNOWBOARD_DEVICE)/flash_tools
 
-MINNOWBOARD_FLASHFILES += $(MINNOWBOARD_BINARIES)/gpt.ini
+MINNOWBOARD_FLASHFILES += $(MINNOWBOARD_BINARIES)/gpt.bin
 MINNOWBOARD_FLASHFILES += $(MINNOWBOARD_BINARIES)/bootloader
 MINNOWBOARD_FLASHFILES += $(MINNOWBOARD_BINARIES)/oemvars.txt
 MINNOWBOARD_FLASHFILES += $(MINNOWBOARD_TOOLS)/brillo-flashall.sh
@@ -38,7 +38,7 @@ MINNOWBOARD_FLASHFILES += $(PRODUCT_OUT)/boot.img
 MINNOWBOARD_FLASHFILES += $(PRODUCT_OUT)/system.img
 MINNOWBOARD_FLASHFILES += $(PRODUCT_OUT)/userdata.img
 
-# Include the usb-stick userfastboot
+# Include the usb-stick fastboot image
 MINNOWBOARD_FLASHFILES += $(MINNOWBOARD_BINARIES)/fastboot-usb.img
 
 # Include fastboot and adb - so that the latest is available
diff --git a/build/tasks/ramdisk.mk b/build/tasks/ramdisk.mk
deleted file mode 100644
index ba3c82d..0000000
--- a/build/tasks/ramdisk.mk
+++ /dev/null
@@ -1,20 +0,0 @@
-#
-# Copyright 2016 The Android Open Source Project
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-ifeq ($(BOOTLOADER_USE_PREBUILT),false)
-ifeq ($(TARGET_USE_USERFASTBOOT),true)
--include $(TOPDIR)vendor/bsp/intel/userfastboot/ramdisk.mk
-endif
-endif
diff --git a/flash_tools/brillo-flashall.sh b/flash_tools/brillo-flashall.sh
index 4cb0c14..6641040 100755
--- a/flash_tools/brillo-flashall.sh
+++ b/flash_tools/brillo-flashall.sh
@@ -55,7 +55,7 @@ VENDOR=$(dir_with_file bootloader \
     "${ANDROID_BUILD_TOP}/vendor/bsp/intel/minnowboard/boot_binaries")
 
 
-fastboot flash gpt        "${VENDOR}"/gpt.ini \
+fastboot flash gpt   "${VENDOR}"/gpt.bin \
     flash bootloader "${VENDOR}"/bootloader \
     flash boot_a     "${OS}"/boot.img \
     flash boot_b     "${OS}"/boot.img \
diff --git a/sepolicy/file.te b/sepolicy/file.te
deleted file mode 100644
index 91679cb..0000000
--- a/sepolicy/file.te
+++ /dev/null
@@ -1 +0,0 @@
-type efivarfs, fs_type;
diff --git a/sepolicy/genfs_contexts b/sepolicy/genfs_contexts
deleted file mode 100644
index 2e6490e..0000000
--- a/sepolicy/genfs_contexts
+++ /dev/null
@@ -1 +0,0 @@
-genfscon efivarfs       /   u:object_r:efivarfs:s0
diff --git a/sepolicy/init.te b/sepolicy/init.te
deleted file mode 100644
index b8bae16..0000000
--- a/sepolicy/init.te
+++ /dev/null
@@ -1,11 +0,0 @@
-userfastboot_only(`
-  domain_trans(init, rootfs, userfastboot)
-  domain_trans(init, rootfs, dhcp)
-
-  userdebug_or_eng(`
-    # Used for the serial console, shell label set by the console service
-    # definition from init.rc with:
-    # seclabel u:r:shell:s0
-    domain_trans(init, rootfs, shell)
-  ')
-')
diff --git a/sepolicy/kernel.te b/sepolicy/kernel.te
deleted file mode 100644
index f0910c6..0000000
--- a/sepolicy/kernel.te
+++ /dev/null
@@ -1,5 +0,0 @@
-userfastboot_only(`
-  # This is the loop back fd used by userfastboot to mount and verify the
-  # bootloader image
-  allow kernel userfastboot:fd use;
-')
diff --git a/sepolicy/te_macros b/sepolicy/te_macros
index 632389c..4b8b946 100644
--- a/sepolicy/te_macros
+++ b/sepolicy/te_macros
@@ -1,13 +1,4 @@
 #####################################
-# Userfastboot only
-# SELinux rules which apply only to userfastboot mode
-#
-define(`userfastboot_only', ifelse(target_userfastboot, `true', $1, ))
-
-define(`notuserfastboot', ifelse(target_userfastboot, `true', -userfastboot, ))
-
-
-#####################################
 # target_only(target, rules)
 # SELinux rules which only apply to a particular target
 # target - the target name in TARGET_PRODUCT. Note this is a substring search
diff --git a/sepolicy/userfastboot.te b/sepolicy/userfastboot.te
deleted file mode 100644
index 623a262..0000000
--- a/sepolicy/userfastboot.te
+++ /dev/null
@@ -1,37 +0,0 @@
-# Rules for bootable/userfastboot which pretty much does
-# everything the neverallow's catch in external/sepolicy
-userfastboot_only(`
-
-  # Keep the type from infiltrating non-userfastboot
-  # builds.
-  type userfastboot, domain;
-  permissive userfastboot;
-
-  # For silence
-  dontaudit userfastboot self:capability_class_set *;
-  dontaudit userfastboot kernel:security *;
-  dontaudit userfastboot kernel:system *;
-  dontaudit userfastboot self:memprotect *;
-  dontaudit userfastboot domain:process *;
-  dontaudit userfastboot domain:fd *;
-  dontaudit userfastboot domain:dir r_dir_perms;
-  dontaudit userfastboot domain:lnk_file r_file_perms;
-  dontaudit userfastboot domain:{ fifo_file file } rw_file_perms;
-  dontaudit userfastboot domain:socket_class_set *;
-  dontaudit userfastboot domain:ipc_class_set *;
-  dontaudit userfastboot domain:key *;
-  dontaudit userfastboot fs_type:filesystem *;
-  dontaudit userfastboot fs_type:dir_file_class_set *;
-  dontaudit userfastboot dev_type:dir_file_class_set *;
-  dontaudit userfastboot file_type:dir_file_class_set *;
-  dontaudit userfastboot node_type:node *;
-  dontaudit userfastboot node_type:{ tcp_socket udp_socket } node_bind;
-  dontaudit userfastboot netif_type:netif *;
-  dontaudit userfastboot port_type:socket_class_set name_bind;
-  dontaudit userfastboot port_type:{ tcp_socket dccp_socket } name_connect;
-  dontaudit userfastboot domain:peer recv;
-  dontaudit userfastboot domain:binder *;
-  dontaudit userfastboot property_type:property_service set;
-  dontaudit userfastboot efivarfs:dir search;
-  dontaudit userfastboot efivarfs:file rw_file_perms;
-')